package com.mr.security;

import com.mr.security.web.commons.utils.ResultVOUtil;
import com.mr.security.web.commons.vo.ResultVO;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.DispatcherServlet;
import org.springframework.web.servlet.ModelAndView;

@SpringBootApplication
@RestController
@MapperScan("com.mr.security.mapper")
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityApplication {

    /**
    * User (作者): MRui
    * TODO (描述)：设置请求后缀为.do
    * Data：2019-01-19 18:08
    */
    @Bean
    public ServletRegistrationBean servletRegistrationBean(DispatcherServlet dispatcherServlet) {
        ServletRegistrationBean bean = new ServletRegistrationBean(dispatcherServlet);
        bean.addUrlMappings("*.do");
        return bean;
    }

    public static void main(String[] args) {
        SpringApplication.run(SecurityApplication.class, args);
    }

    //case1 登陆
    @GetMapping("/hello")
    public ResultVO hello(){
        ResultVO resultVO = ResultVOUtil.success("成功");
        return resultVO;
    }
    //case2 角色校验登陆(允许ROLE为USER的访问)
    @PreAuthorize("hasRole('ROLE_USER')")
    @RequestMapping("/roleAuth")
    public String roleAuth(){
        return "admin auth";
    }
}

